Albert Einstein was quoted as saying, “Look deep into nature, and then you will understand everything better.” People describe the Internet as a hostile network — which is true — and that got me thinking about other hostile environments where a successful strategy results in resiliency and continuity.
What if Mother Nature was the CISO? What would her strategy be? What strategy could she give the prey species so they could survive in the presence of many predators? I’m specifically interested in prey species because, like most organizations on the Internet, they have no real offensive measures, yet they are expected to adapt to a hostile environment.
To get a better understanding of the defensive tactics of prey species, it is worth spending a minute talking about the dominant strategies of predators. All of these offer similarities to the threat landscape we have been experiencing on the Internet.
Cruising: This is where the predator is continually on the move to locate prey. This strategy is effective when the prey is widely dispersed and somewhat stationary. This was the dominant strategy for attackers in the early days of the Internet, mainly because it was all about compromising servers and “pushing” the exploit to the victim. While still prominent, it is noisy, and the predator, as in nature, must consider the consequence of being a victim him/herself while cruising.
